Merge pull request #269 from dinger1986/master

adding in more config steps and change link that was wrong

content/self-host/client-configuration/_index.en.md

@@ -28,13 +28,25 @@ or
 hbbs.example.com:21116
 ```
 
+### Setup Using Import or Export
+
+1. Use the steps [above](/docs/en/self-host/client-configuration/#manual-config) to configure RustDesk Client on a Device
+2. Using the above machine go to Settings then Network and unlock
+3. Click on "Export Server Config" icon
+4. Paste the copied string into notepad or similar
+5. Go to new client, copy the above to clipboard
+6. Go to Settings then Network in RustDesk Client, unlock and click "Import Server Config"
+7. It will automatically paste the settings in
+8. click Apply
 
 
 ### Automatic Config
 
-The easiest way to setup automatically is using deployment scripts found [here](/docs/en/client/client-deployment/)
+The easiest way to setup automatically is using deployment scripts found [here](docs/en/self-host/client-deployment/)
 
-You can fix the Password is required and use a reverse base64 string in the format `{"host":"HOSTADDRESS","key":"HOSTKEY","api":"http://HOSTADDRESS:21114"` to automatically configure the clients, this is available automatically with RustDesk Server Pro via the console.
+You can fix the Password is required and use a reverse base64 string in the format `{"host":"HOSTADDRESS","key":"HOSTKEY","api":"http://HOSTADDRESS:21114"` to automatically configure the clients, this is available automatically with RustDesk Server Pro via the console. 
+
+You can also use the steps from [above](/docs/en/self-host/client-configuration/#setup-using-import-or-export) to export the string then reverse it using [this site](https://string-functions.com/reverse.aspx).
 
 #### Put config in rustdesk.exe file name (Windows only)
 

content/self-host/rustdesk-server-pro/Docker/RustDesk Server Layered Security Model/_index.en.md

@@ -0,0 +1,143 @@
+---
+title: RustDesk Server Layered Security Model
+weight: 100
+---
+
+Kindly written up by [@I-Am-Skoot](https://github.com/I-Am-Skoot/RustDeskNPMDocker/commits?author=I-Am-Skoot)
+
+## Layers
+- [RustDesk](https://github.com/rustdesk/rustdesk) Remote Support Tool
+- [NPM](https://nginxproxymanager.com/) Proxy Manager Tool
+- [Docker](https://www.docker.com) Containerization Tool
+- Firewall Tool 
+
+#### Assumptions
+This example is an All in One for hosting just RustDesk services only.  This can be expanded to a more flexible solution by splitting the NPM into it's own Docker-Compose.
+- DMZ network  192.168.1.0/24
+  - NPM (External): 192.168.1.250
+- LAN Network: 10.0.0.0/24
+- RSBackend Network: 192.168.254.0/29
+  - NPM (Internal): 192.168.254.1
+  - HBBS: 192.168.254.2
+  - HBBR: 192.168.254.3
+- Docker Host: Linux
+  - Each application has a dedicated folder in /opt/
+- Hostname: uniquehostname  (Change This)
+- DNS Name: rustdesk.example.com
+
+Make modifications to the examples as needed
+
+
+### Prepare Docker:
+You must have docker already installed this guide does not go into the specifics of that.
+
+You will need to create a network for the RustServer Backend and the DMZ.
+For each application you use with the NPM (NGINX Proxy manager) you should have a dedicated backend network to isolate it.
+
+```
+ docker network create \
+   --driver=bridge  \
+   --subnet=192.168.254.0/29 RSBackend
+ 
+ docker network create \
+   --driver=ipvlan --subnet=192.168.1.0/24 \
+   --gateway=192.168.1.1 \
+   -o ipvlan_mode=l2 \
+   -o parent=eth0 DMZ
+```
+
+### Setup Firewall
+Configure the following Port forwarding/NAT ports from your public IP to the NPM Server.
+ - 21114 => 8080 TCP
+ - 21115 => 21115 TCP
+ - 21116 => 21116 TCP/UDP
+ - 21117 => 21117 TCP
+ - 21118 => 21118 TCP
+ - 21119 => 21119 TCP
+ - 443 => 443 TCP  # If you want to use SSL
+ 
+
+
+### Setup docker-copose
+This will start a container with NPM and the correct networks.
+
+Docker-Compase.yaml 
+```
+version: '3.5'
+services:
+  NPM:
+    image: jlesage/nginx-proxy-manager:latest
+    container_name: proxy-manager
+    volumes:
+      - /opt/proxy-manager/config:/config
+    restart: 'unless-stopped'
+    networks:
+      DMZ:
+        ipv4_address: 192.168.1.250
+      RSBackend:
+        ipv4_address: 192.168.254.1
+
+  hbbs:
+    container_name: rustdesk_hbbs
+    image: rustdesk/rustdesk-server-pro:latest
+    command: hbbs -k _
+    hostname: uniquehostname   #Change This
+    volumes:
+      - /opt/rustdeskserver:/root
+    networks:
+      RSBackend:
+        ipv4_address: 192.168.254.2
+    depends_on:
+      - hbbr
+    restart: unless-stopped
+
+
+  hbbr:
+    container_name: rustdesk_hbbr
+    image: rustdesk/rustdesk-server-pro:latest
+    command: hbbr -k _
+    volumes:
+      - /opt/rustdeskserver:/root
+    networks:
+      RSBackend:
+        ipv4_address: 192.168.254.3
+    restart: unless-stopped
+
+networks:
+  DMZ:
+    external: true
+  RSBackend:
+    external: true
+```
+
+### Setup NPM
+Configure Stream Hosts for the following Ports:
+- 21115 => 192.168.254.2:21115 TCP
+- 21116 => 192.168.254.2:21116 TCP / UDP
+- 21117 => 192.168.254.3:21117 TCP
+- 21118 => 192.168.254.2:21118 TCP
+- 21119 => 192.168.254.3:21119 TCP
+- 80 => 127.0.0.1:8080 TCP # catches local traffic
+
+Configure Proxy Host
+  - Domain Name: rustdesk.example.com
+  - Scheme: http
+  - Forward Hostname / IP: 192.168.254.2
+  - Forward Port: 21114
+  - Block Common Exploits: Checked
+  - Optional: Configure SSL **DO NOT REQUIRE - Client needs to be able to communicate without ssl.**
+
+### Setup RustDesk Server
+Connect to Server interface  http://rustdesk.example.com  or https:// if you have configured SSL for web interface.
+
+### Setup RustDesk Client
+Configure the client 
+- ID Server: rustdesk.example.com
+- Relay Server: rustdesk.example.com
+- API Server: http://rustdesk.example.com   (use HTTPS if you have configured SSL)
+- Key: {Server Key Here}
+
+## 
+
+## End Result
+Your solution will be accessible externally through the Proxy manager. You will have isolation of your RustDesk Servers from other systems (Especially if you use a split configuration system and have other applications / sites behind a common NPM)